Black Duck OpsSight brings open source vulnerability detection to Kubernetes

This week we released a new version of Black Duck OpsSight, a solution for vulnerability detection and alerting in production environments. When we introduced Black Duck OpsSight for OpenShift in November, we made it possible for customers who use Black Duck Hub as an integral part of their SDLC security process to also monitor the open source security of their application deployment environments.

This newest release shares that security solution with customers who are running Kubernetes as their container orchestration platform.

Black Duck Hub’s integrations with development tools help companies shift their open source vulnerability scanning “left” in the development process. OpsSight helps them shift “right” to scan and monitor for newly discovered vulnerabilities in their production environments. In addition, with the advent of microservices and container repositories, companies are now including binaries in their applications – binaries for which they have no source code. OpsSight enables them to scan those containers prior to deployment and monitor them in production as well.

By scanning and continually monitoring containers in runtime environments, both IT operations teams and developers gain visibility into the specific vulnerability risks. IT also gains a tool showing them how widespread their open source risk is across the entire running application portfolio.

Black Duck OpsSight for Kubernetes

We see a lot of enterprises adopting OpenShift because Red Hat has assembled and packaged the ecosystem of tools needed to efficiently run a Kubernetes-based container orchestration platform. With version 1.0.2, OpsSight now supports companies building on the open source version of Kubernetes, and it allows us to broaden our portfolio of platforms to support other vendors such as Google and Amazon, who are adopting Kubernetes as an option in their orchestration platforms.

Posted by

Neal Goldman

Mr. Goldman’s background encompasses 25 years of product management, marketing, and business development experience at a variety of technology vendors. Prior to Black Duck, he was a principal product manager at EMC and previously was vice president of product management and marketing at Gryphon Networks. Mr. Goldman has held a variety of senior marketing and product management positions at such companies as Akamai, FTP Software, and Symantec. In addition to his product management experience, he has been an industry analyst at the Yankee Group and managed corporate development for Dr. Solomon’s Software, where he managed strategic alliances, technology licensing, and mergers and acquisitions. He is the author of "The Complete Idiot's Pocket Reference to the Internet." Mr. Goldman holds an undergraduate degree from Tufts University and an MBA from the University of North Carolina, Chapel Hill. Neal’s passion is sailboat racing. You can find him racing at MIT from April to October and in the harbor any given Saturday throughout the winter.

